VeriFlow Aims to Verify Application-Defined Networks in Real Time

Software Defined Networking (SDN) promises unprecedented network flexibility, agility, and programmability, promises embodied in the idea of an application-defined network. But the concept of a network shaped on the fly by applications does raise concerns. Researchers at the Ocean Cluster for Experimental Architectures in Networks (OCEAN) lab at the University of Illinois at Urbana-Champaign (UIUC) hope to address some of those concerns.

The VeriFlow research, conducted by UIUC's Ahmed Khurshid, Xuan Zou, Wenxuan Zhou, Matthew Caesar, and Brighten Godfrey, utilizes an SDN test bed to verify network correctness, security, and fault tolerance in real time, with low latency and low network performance impact. This has particular importance for application-defined networks, since their high level of programmability and the needs and priorities of different applications may result in conflicts.

"So some change was made to the network's configuration. Now you need to know that that had the effect you wanted. What VeriFlow does is help network operators understand what happens in their network and how data flows through it," Godfrey told me.

VeriFlow sits between the SDN controller and the network devices, intercepting rule insertion messages from the controller and checking each one, in the context of the parts of the network it affects, for problems before that rule ever gets a chance to alter the network. In most cases, VeriFlow can verify an update within 1 millisecond, with more time needed depending on the number of forwarding equivalence classes a given rule affects. It "imposes negligible overhead on the TCP connection setup throughput" in the experimental OpenFlow network, according to a recent VeriFlow paper, which also states that VeriFlow "imposes minimal overhead on the flow modification message throughput."

Like other recent SDN research and development, VeriFlow's real-time network verification also has security implications for software defined networks. "VeriFlow can say that there is a potential vulnerability, here's how it could be exploited, here's a particular packet, and here are the elements of instructions inside the network that could cause a problem," Godfrey told me. Catching those problems before they occur will become increasingly vital as networks become more dispersed and complex and threats more pervasive.

According to Godfrey, the centralized control inherent in SDN has greatly aided VeriFlow development. "We could have done it before, but it's much easier now. What SDN really gets us is the ability to check the network in real time, because we can sit at the centralized controller and watch the changes go by," he told me.

Godfrey and his team have already tested VeriFlow on the UIUC network, which supports about 70,000 devices, finding real bugs later confirmed by network operators. The project won a best paper award at the HotSDN 2012 workshop and was presented at the 2013 Open Networking Summit.

The prototype VeriFlow implementation is integrated with a NOX OpenFlow controller and driven by a Mininet OpenFlow network. The OCEAN SDN test bed uses Pica8 P-3290 48 x 1GbE switches. The switches run the open PicOS network operating system, which incorporates standards-based L2/L3 protocols into existing networks and functions in Open vSwitch mode for OpenFlow 1.2 and 1.3 support.

Pica8's involvement in the project is a source of pride for the whitebox SDN startup. "One of the things we're trying to do as a company is to find our place in the SDN market," Steve Garrison, VP of marketing at Pica8, told me. "Having a researcher willing to spend time collaborating and partnering with us on features and helping us steer our roadmap gives us a better idea of where the market might be in 3 to 5 years."